@misc{rfc9770,
    series =    {Request for Comments},
    number =    9770,
    howpublished =  {RFC 9770},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC9770},
    url =       {https://www.rfc-editor.org/info/rfc9770},
    author =    {Marco Tiloca and Francesca Palombini and Sebastian Echeverria and Grace Lewis},
    title =     {{Notification of Revoked Access Tokens in the Authentication and Authorization for Constrained Environments (ACE) Framework}},
    pagetotal = 64,
    year =      2025,
    month =     jun,
    abstract =  {This document specifies a method of the Authentication and Authorization for Constrained Environments (ACE) framework, which allows an authorization server to notify clients and resource servers (i.e., registered devices) about revoked access tokens. As specified in this document, the method allows clients and resource servers (RSs) to access a Token Revocation List (TRL) on the authorization server by using the Constrained Application Protocol (CoAP), with the possible additional use of resource observation. Resulting (unsolicited) notifications of revoked access tokens complement alternative approaches such as token introspection, while not requiring additional endpoints on clients and RSs.},
}